ENFORCING SERVICE POLICIES IN EMBEDDED UICCs
First Claim
1. A method for implementing a subsidy lock on a mobile device, the method comprising:
- at an embedded Universal Integrated Circuit Card (eUICC) included in the mobile device;
receiving a request to install or enable an electronic Subscriber Identity Module (eSIM) on the eUICC;
determining, based on a policy enforced by the eUICC, whether an International Mobile Subscriber Identity (IMSI) associated with the eSIM is valid;
when the eSIM is valid;
installing or enabling the eSIM on the eUICC; and
when the eSIM is not valid;
preventing the eSIM from being installed or enabled on the eUICC.
1 Assignment
0 Petitions
Accused Products
Abstract
The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.
34 Citations
20 Claims
-
1. A method for implementing a subsidy lock on a mobile device, the method comprising:
at an embedded Universal Integrated Circuit Card (eUICC) included in the mobile device; receiving a request to install or enable an electronic Subscriber Identity Module (eSIM) on the eUICC; determining, based on a policy enforced by the eUICC, whether an International Mobile Subscriber Identity (IMSI) associated with the eSIM is valid; when the eSIM is valid; installing or enabling the eSIM on the eUICC; and when the eSIM is not valid; preventing the eSIM from being installed or enabled on the eUICC. - View Dependent Claims (2, 3, 4)
-
5. A method for implementing a subsidy lock on a mobile device, the method comprising:
at an embedded Universal Integrated Circuit Card (eUICC) included in the mobile device; receiving a request to install or enable an electronic Subscriber Identity Module on the eUICC; identifying, based on a policy enforced by the eUICC, whether a combination of a Mobile Country Code (MCC) and a Mobile Network Code (MNC) included in an International Mobile Subscriber Identity (IMSI) associated with the eSIM is valid; when the combination is valid; installing or enabling the eSIM on the eUICC; and when the combination is not valid; preventing the eSIM from being installed or enabled on the eUICC. - View Dependent Claims (6)
-
7. A method for implementing a subsidy lock on a mobile device, the method comprising:
at a baseband component included in the mobile device; receiving, from an embedded Universal Integrated Circuit Card (eUICC) included in the mobile device, a request to register with a Mobile Network Operator (MNO) using an electronic Subscriber Identity Module (eSIM) managed by the eUICC; generating an encryption challenge; issuing, to the eUICC, a request for a digitally-signed package that includes; the encryption challenge, and a Mobile Country Code (MCC) and a Mobile Network Code (MNC) included in an International Mobile Subscriber Identity (IMSI) that is associated with the eSIM; attempting to authenticate the digitally-signed package based on a digital certificate that is accessible to the baseband component; when the digitally-signed package is authenticated; registering with the MNO in accordance with the eSIM; and when the digitally-signed package is not authenticated; ignoring the request to register with the MNO. - View Dependent Claims (8, 9)
-
10. A method for ensuring at least one electronic Subscriber Identity Module (eSIM) is enabled on an embedded Universal Integrated Circuit Card (eUICC), the method comprising:
at the eUICC; receiving a request to delete or disable an electronic Subscriber Identity Module on the eUICC; when the eUICC manages only the eSIM, and no other eSIMs; preventing the deletion or disablement of the eSIM; and when only one eSIM is enabled within the eUICC, and at least one other eSIM is managed by the eUICC; enabling the at least one other eSIM, and based on the request, deleting or disabling the eSIM. - View Dependent Claims (11)
-
12. A method for controlling a manner in which electronic Subscriber Identity Modules (eSIMs) are managed by an embedded Universal Integrated Circuit Card (eUICC), the method comprising:
at the eUICC; receiving a request to delete or disable an electronic Subscriber Identity Module on the eUICC, wherein the request includes management credentials that are associated with the eSIM; determining whether the management credentials permit the deletion or disablement of the eSIM; when the management credentials permit the deletion or disablement of the eSIM; based on the request, deleting or disabling the eSIM; and when the management credentials do not permit the deletion or disablement of the eSIM; ignoring the request. - View Dependent Claims (13)
-
14. A method for configuring an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication, the method comprising:
at the eUICC; receiving a request to perform a management operation in association with an eSIM; determining that a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation; causing the mobile device to provide a prompt in accordance with the human-based authentication; receiving a response to the prompt for the human-based authentication; and in accordance with the response; performing the management operation or ignoring the request. - View Dependent Claims (15, 16, 17, 18, 19, 20)
Specification